Educause Security Discussion mailing list archives
Re: Questions about Firewall Exceptions
From: Brenda B Gombosky <brenda.gombosky () LOUISVILLE EDU>
Date: Thu, 15 Mar 2007 15:42:11 -0400
Brenda B. Gombosky, CISSP, CHSP Director, Information Technology University of Louisville Miller IT Center, Room 109 Louisville, KY 40292 (502)852-5037 (502)419-6689
"Greg T. Grimes" <gtg4 () MSSTATE EDU> 3/14/2007 5:33 PM >>>
I have a few questions about how everyone handles firewall exceptions. I know everyone won't have the same settup as we do, but MSU is looking to have a formal authorization process for exceptions. Thanks in advance. 1. Who manages your firewalls? Central IT, Department IT? Central IT 2. Do you you require approval for an exception in a firewall for a network? Yes a. If so, who approves? Designated security staff b. What is the approval process? All approvals are approved, any questionable requests are sent to me for final approval as Director Requests must be in by Wednesday Noon - to be done during PM hours (Friday evenings) Emergencies must be approved via Dean/Dept head before being sent - final approval by Director (me) c. Do you use a form? Yes - online 3. What exceptions do you allow or disallow? Varied Again, thank you in advance for your responses. Have a great day. -- Greg T. Grimes Systems Programmer ITS -- Network Services Mississippi State University greg () its msstate edu
Current thread:
- Questions about Firewall Exceptions Greg T. Grimes (Mar 14)
- <Possible follow-ups>
- Re: Questions about Firewall Exceptions Michael Hornung (Mar 14)
- Re: Questions about Firewall Exceptions Randy Marchany (Mar 14)
- Re: Questions about Firewall Exceptions Matthew Keller (Mar 15)
- Re: Questions about Firewall Exceptions Gary Flynn (Mar 15)
- Re: Questions about Firewall Exceptions Brenda B Gombosky (Mar 15)
- Re: Questions about Firewall Exceptions Greg T. Grimes (Mar 19)